An elite cyberattack group that was employed by governments and agencies was probably hacked by another country, it has said — and the attack has led to its powerful hacking tools being released into the wild.

Hacking Team was hacked last week, revealing private emails and documents as well as insights into its tools. The leaked documents showed many of the vulnerabilities that were being used by the group — such as a bug in Adobe Flash that can be exploited to get complete control of a computer — which has meant that anyone can counteract them as well as use them for their own ends.

After yesterday's news that Facebook's new chief security officer wants to set a date to kill Flash once and for all, the latest version Mozilla's Firefox browser now blocks Adobe's vulnerability-riddled software as standard. Mark Schmidt, the head of the Firefox support team at Mozilla, tweeted that all versions of Flash Player are blocked in the browser as of its latest update, accompanying the news with an image showing a raised fist and the phrase "Occupy Flash."

Yesterday the usual tech news outlets were buzzing over an accidental tweet which the media incorrectly interpreted as Mozilla was ditching flash (Blame The Verge for the chain reaction of copied news articles) entirely as a policy. While that is not the case, I was just as excited as many at the faux-news. This got me thinking: what would it really take for the web to kill Adobe Flash? Could Mozilla really make such a move and kill Flash on its own if it wanted to?

Last week I released No Flash 0.5, my addon for Firefox to fix the legacy of video embedding done with Flash. If you are like me and don't have Flash installed, sometime you encounter embedded video that don't work. No Flash will fix some by replacing the Flash object with a HTML5 video. This is done using the proper video embedding for HTML5.

This message comes after it was revealed that the recently hacked "Hacking Team" was using Flash zero-day vulnerabilities to hack journalists, activists, governments and more. Alex Stamos, like other security experts, must have also gotten tired of hearing about so many security vulnerabilities that Flash has had during its entire lifetime.

Now more than ever, leaving Adobe Flash Player on your system is looking like a dubious proposition.

While Flash has long been a popular vector for malware, last week’s security breach of surveillance software firm Hacking Team underscored just how vulnerable Flash can be. Hacking Team was relying on at least three unpatched Flash exploits, which cybercriminals immediately adapted for their own nefarious uses. Adobe is scrambling to patch the exploits, but at least one remains unfixed as of this writing.

Often when doing performance analysis or debugging, it boils down to stare at long text trace files with the less text viewer. Yes you can do a lot of analysis with custom scripts, but at some point it’s usually needed to also look at the raw data.

The first annoyance in less when opening a large file is the time it takes to count lines (less counts lines at the beginning to show you the current position as a percentage). The line counting has the easy workaround of hitting Ctrl-C or using less -n to disable percentage. But it would be still better if that wasn’t needed.

Nicolai Haenle speeded the process by about 20x in his less repository.

In the past I have reviewed QMPlay2, a video player using ffmpeg and the Qt 5 toolkit, which gets updated often and ships with some great features. The latest version is 15.07.12, released yesterday, and brings several fixes over the previous release.

Vivaldi, a web browser built by one of the Opera founders and his team, has been upgraded once more, and the developers seem to be preparing to exit Technical Preview 3 and enter the next stage, Technical Preview 4.

TigerVNC 1.5.0 brings IPv6 support for the VNC server, support for two passwords (full access or view only), syslog support in Xvnc, GnuTLS priority configuration, performance fixes, and other bug-fixes. This release is coming just a half-year after the introduction of TigerVNC 1.4.0 and its few point releases since that point.

Batch image processors are often underrated and don't get the attention they deserve. But this type of software is worth getting familiar with. With batch image processing, a user can select a size or file type, and then convert all the selected images. This way, hundreds or thousands of images can be processed with just a few clicks. Unfortunately, there are not that many tools that do batch conversion really well. But these four tools save loads of time and effort.

The main feature of this new release is the improved vcomp.dll support. The Visual C++ compiler uses this dll to create and manage threads when using OpenMP. Unlike the name might suggest, the internal details of the Microsoft implementation are undocumented. Before this release Wine Staging already contained the single-threaded fallback implementation by Dan Kegel, which was replaced with a new implementation including proper multi-threading support. For many applications that depend on OpenMP support through vcomp.dll it is no longer necessary to install native libraries. Various additional functions are planned to be implemented until the next release.

As you may know, Dzip is an open-source, command-line software for file compression/decompression. It has drag and drop support, the users being able to easily create .dz files. But unlike WinZip or other software, it does not copy the extracted files to temp and move them to the destination when finished, the files being copied to the destination directly.

Oracle has just released a new major version for VirtualBox, which is one of the most used and powerful applications of its kind for Linux users. The 5.0 version has been in the making for quite a while, and the stable version has finally landed.

Sbackup, Simple Backup, is an Open Source, easy to use backup solution intended for desktop use. It can backup any subset of files and folders. All configuration is accessible via Gnome interface. File and paths can be included and excluded directly or by regex, It supports local and as well as remote backups. Though it looks simple in use and configuration, it has many features like an advanced backup utility.

There's been various one-time password features in the works for OpenLDAP -- the popular open-source implementation of the Lightweight Directory Access Protocol -- in various code-bases while now within their mainline Git tree they have time-based one-time password (TOTP) support.

In more INN-related news (and catching up on my substantial backlog), a second release candidate for the INN 2.6.0 release is now available. (The first one was only circulated on the inn-workers mailing list.)

ownCloud has made it’s 8.1 release available. This release contains significant under the hood improvements, increasing scalability and performance of syncing and file operations while making ownCloud a better platform for developers to build upon.

ISL Online, a pioneer in the secure remote desktop industry, has released ISL Light 4.0.3, which expands the support to Linux platform and completes the series of releases of the fourth generation of state-of-the-art remote support software.

You often hear that Linux will only become mainstream when more proprietary software is ported to Linux. Like the two characters waiting for Godot, thousands of people are apparently waiting for the day Microsoft Office or Photoshop releases a Linux version and demolishes its free-licensed rivals. Against all reason, the expectation persists.

The truth is, proprietary ports are unlikely to happen. Commercial software developers have never figured out how to profit from Linux ports. Meanwhile, in their hesitation, countless free software equivalents have matured into serious competition, providing another reason the commercial shops to avoid the market. The only exceptions are high-end products like Maya, which can be written off as a business expense.

I first started using ntop about eight or nine years ago. I was technology director of a K-12 public school, and we were looking for network analysis tools that would not break our budget. I found ntop through a Google search and installed it on an extra computer we had that was running CentOS.

Today the ownCloud community released ownCloud 8.1. You might think it sounds like a smaller release because we called this 8.1 instead of 9.0 but you’d be wrong. The contributor community hasn’t slowed down, quite the opposite. By the end of last year we decided to do smaller releases instead of huge ones. Because of that we will jump to a major version number only once a year and will increase the minor version number for the other releases. So this one is called 8.1 but it’s a major new version. So what is in 8.1?

Over the years, I've heard both Windows users and Linux enthusiasts make the claim that professional media production on Linux is impossible. While there may be some workflows so over-engineered that legacy software is a must, I firmly believe that, with effort, using Linux for media production is doable.

In this article, I'll share application titles that can help make media production with Linux possible. The key thing to remember is that in order to be successful you will have to put forth some effort. Because some of the applications are quite complicated and require an education all their own.

More in Tux Machines

The Ubuntu MATE project does something very admirable each month. Its makers contribute financially to other open source projects that are being used in the operating system, and that is something that doesn't happen all the often in the FOSS universe.

Wine 1.7 Series Turn Two Years Old, No Sign Of Wine 1.8

Today marks two years since the start of the Wine 1.7 development series. While it's been two years of doing bi-weekly development releases, there's no sign of Wine 1.8.0 being ready for release in the near future.

Leftovers: Software

All the *mm projects now require C++11. Current versions of g++ require you to use the –std=c++11 option for this, but the next version will probably use C++11 by default. We might have done this sooner if it had been clearer that g++ (and libstdc++) really really supported C++11 fully.

I have just released version 1.13 of Obnam, my backup program. See the website at http://obnam.org for details on what it does. The new version is available from git (see http://git.liw.fi) and as Debian packages from http://code.liw.fi/debian, and uploaded to Debian, and soon in unstable.

MusicTube is a very interesting music player designed for multiple platforms using YouTube as the music source. It's not made for locally hosted music, and you can't add other online sources, but YouTube is a huge resource.